As more and more commerce is conducted over the Internet, security concerns continue to grow because criminals are becoming more sophisticated and view the Internet as a rich environment for perpetrating their crimes. One of the main draws to electronic commerce is the ability to automate actions that have conventionally required human resources. However, automated services are more susceptible to being compromised by maleficent individuals who know how to deceive and use the automated services for their benefit.
A variety of software techniques and hardware devices are used by enterprises for detecting and thwarting deviant activity occurring with automated services. For example, encryption or keys may be used during communications with a service. Other techniques may require authentication to services before access is granted. In still other cases, specific hardware devices may utilize tokens or private keys to identify and authenticate themselves to the desired services.
Even with the most well thought out and conceived security environment, the environment may have security holes that can be found by savvy individuals who are familiar with the techniques being used within that environment. Consequently, enterprises are continually and regularly updating and augmenting their security techniques in an attempt to stay one step ahead of the opportunists that lurk about on the Internet.
Thus, security mechanisms should be adaptive and should be capable of anticipating new and unforeseen security situations. But, such security clairvoyance is difficult to establish because automated systems are typically hard coded and configured for known and previously encountered attacks and these systems are not geared to learn and anticipate new situations.